cyberintel.kalymoon.com · 4826 articles · updated every 4 hours · grows forever
Bridging Observability Gaps With AI, OTel and Scalable Data Models As AI-driven development and cloud adoption accelerate system complexity, traditional observability tools are struggling to keep pace…
A new malware campaign involving a Remote Access Trojan called Janela RAT has been actively targeting financial institutions and cryptocurrency platforms across Latin America. The threat actors behind…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Fortinet products. On April 13, 2026, the agency added a severe SQL injec…
OpenAI’s Codex AI model successfully escalated privileges to root on a real Samsung Smart TV by exploiting world-writable kernel driver interfaces — a finding that raises serious questions about how h…
A live credential stuffing botnet targeting Twitter/X accounts has been found completely exposed to the internet, with no password required to access its control panel, worker server credentials, or r…
A newly discovered variant of the PlugX worm is silently crossing borders by hiding inside USB drives, and it has already been detected on multiple continents spanning nearly ten time zones. First spo…
A newly discovered Android malware called Mirax has been quietly circulating in underground criminal forums since late 2025, posing a growing threat to mobile users across Europe and beyond. What sets…
108 malicious Chrome extensions steal sessions, Google data, inject ads via single C2 infrastructure
Triad Nexus scales $200m scams, uses infrastructure laundering, localized fraud and US-access blocks
A new IANS report claims just 34% of cybersecurity professionals plan to stay put in the next 12 months
China-aligned hackers have deployed a Linux-based ELF backdoor to steal cloud credentials at scale from workloads across AWS, GCP, Azure, and Alibaba Cloud environments. According to Breakglass Intell…
Basic-Fit, a European gym chain, disclosed that hackers breached one of its internal systems, exposing members’ personal data in several countries. The company operates more than 2,150 clubs in 12 cou…
Organizations that run DavMail to bridge standard mail clients to Microsoft Exchange or Office 365 received an update this week. Version 6.6.0 addresses a code-scanning alert tied to a regex vulnerabi…
Oligo Security has unveiled Runtime Exploit Blocking, a new capability that stops exploit attempts at the application layer in real time. By providing visibility into how applications execute and beha…
Claroty has revealed new Visibility Orchestration capabilities in its Saas offering Claroty xDome, transforming visibility from a vague concept into a quantifiable measurement that proves the value of…
The W3LL phishing kit, a cybercrime tool used to impersonate legitimate login pages and steal usernames and passwords, has been dismantled by the FBI and Indonesian law enforcement authorities. Offici…
Could Claude Mythos Preview, Anthropic’s latest large language model, be leveraged for fully automated cyber attacks? The UK government’s AI Security Institute (AISI) tested its capability to successf…
OpenSSL 4.0.0 removes several long-deprecated features, adds support for Encrypted Client Hello, and introduces API-level changes that will require code updates for applications built against older ve…
Basic-Fit has reported that hackers have stolen names, dates of birth, and even bank account details. The post Europe’s Largest Gym Chain Says Data Breach Impacts 1 Million Members appeared first on S…
CISOs face a shrinking window to prepare as AI models like Mythos collapse the gap between vulnerability discovery and exploitation, driving a new era of high-velocity cyberattacks. The post ‘Mythos-R…
Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning (SEO) techniques and artificial intelligence (AI)-generated content to push dece…
Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-saf…
Stolen credentials remain a top breach vector, often leading to unchecked privilege escalation. Specops explains how identity-first Zero Trust limits access, enforces device trust, and blocks lateral …